package com.amado.course45mysql02.dao;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;

public class EmployeeDeleteDao {
	// 使用拼sql增加
//	使用拼sql删除，有sql注入风险，不推荐使用
	public void delete1(Long id) {
		Connection conn = DBConnection.getConn();
		String sql = "delete from t_student where id='" + id + "'";
		PreparedStatement ps = null;
		try {
			ps = conn.prepareStatement(sql);
			ps.execute();
		} catch (SQLException e) {
			e.printStackTrace();
		}
		DBConnection.close(null, ps, conn);
	}

//	使用替换变量删除
	public void delete2(Long id) {
		Connection conn = DBConnection.getConn();
		String sql = "delete from t_student where id=?";
		PreparedStatement ps = null;
		try {
			ps = conn.prepareStatement(sql);
			ps.setLong(1, id);
			ps.execute();
		} catch (SQLException e) {
			e.printStackTrace();
		}
		DBConnection.close(null, ps, conn);
	}

	public static void main(String[] args) {
		EmployeeDeleteDao employeeDao = new EmployeeDeleteDao();
		employeeDao.delete1((long) 7);
		employeeDao.delete2((long) 8);
	}
}
